<?php 
/*
* StiPHPcms, A web Content management System made with PHP/MySQL
* JordSti : jord52@gmail.com
* Version : 0.0.1
*
* Copyright (C) 2009  jord52@gmail.com
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*
* Download Module
*
*
*/



class Module {
	
	private $cms;
	public $name;
	public $version;
	public $author;
	
	public function __construct($cms)
	{
		$this->cms = $cms;
		$this->name = "Download (STI)";
		$this->version = "0.0.1";
		$this->author= "StiTeam";
	}
	
	public function run()
	{
		if(!$this->cms->isSettingExist("download_rank_to_see"))
		{
			$this->install();
		}
		
		if(isset($_GET['t']))
		{
			$task = $_GET['t'];
		}
		else
		{
			$task = 'default';
		}
		
		if($task=='default')
		{
			$this->catListPage();
		}
		else if($task=='upload')
		{
			$this->uploadForm();
		}
		else if($task=='uploadthis')
		{
			$this->addDownload();
		}
		else if($task=='viewcats')
		{
			$this->catPage();
		}
		else if($task=='fileinfo')
		{
			$this->fileInfoPage();
		}
		else if($task=='get')
		{
			$this->getFile();
		}
		
	}
	
	public function uploadForm()
	{
		$this->uploaderOnly();
		require_once("core/sticode.php");
		$this->cms->loadStiCodeScript();
		$html = '<form action="mod.php?mod=download&t=uploadthis" method="post" enctype="multipart/form-data" name="upload" id="upload">
<fieldset>
<legend>'.$this->cms->lang['download_new_download'].'</legend>
  <p>
    <label for="filename">'.$this->cms->lang['download_filename'].' : </label>
    <input type="text" name="filename" id="filename" tabindex="10" />
  </p>
  <p>
    <label for="cats">'.$this->cms->lang['download_categorie'].' : </label>
	'.$this->catListBox().'
  </p>
  '.StiCodeHTMLFormBar('description').'
  <p>
    <label for="description">'.$this->cms->lang['download_description'].' : </label><br />
    <textarea name="description" id="description" cols="40" rows="5" tabindex="20"></textarea>
  </p>
  <p>&nbsp;</p>
  </fieldset>
  <fieldset>
  <p>
    <label>
      <input type="radio" name="itemtype" value="upload" id="itemtype_0" />
      '.$this->cms->lang['download_upload_file'].'</label>
       </p>
       <p><label for="upfile">'.$this->cms->lang['download_file'].' :
      </label>
      <input type="file" name="upfile" id="upfile" tabindex="30" />
      
      </p>
      <p><input type="checkbox" name="md5sum" id="md5sum" />
      <label for="md5sum">'.$this->cms->lang['download_do_md5sum'].' </label>
    </p>
 
    </fieldset>
    <fieldset>
    <p>
    <label>
      <input type="radio" name="itemtype" value="external" id="itemtype_1" />
      '.$this->cms->lang['download_external_download'].'
    </label>

  </p>
    <p>
      <label for="url">'.$this->cms->lang['download_url'].' : </label>
      <input type="text" name="url" id="url" tabindex="40" />
    </p>
    <p>
      <label for="size">'.$this->cms->lang['download_filesize'].' : </label>
      <input type="text" name="size" id="size" tabindex="50" />
    </p>
    <p>
      <label for="md5">'.$this->cms->lang['download_md5sum'].' : </label>
      <input type="text" name="md5" id="md5" tabindex="60" />
    </p>
  </fieldset>
  
  <input name="add" type="submit" value="'.$this->cms->lang['download_add'].'" />
 
</form>';
		
		$this->cms->renderHeader($this->cms->lang['download_upload_file']);
		$this->cms->renderMenu();
		$this->cms->template->addFrame('',$html);
	}
	
	
	public function addDownload()
	{
		$this->uploaderOnly();
		
		$user_id = $_SESSION['user_id'];
		
		$type = $_POST['itemtype'];
		
		require_once("core/tools/string.php");
		
		if($type=='external')
		{
			$_POST = array_htmlentities($_POST);
			$_POST = array_sql_escape($_POST);

			$filename = $_POST['filename'];
			$cat_id = $_POST['cats'];
			$description = $_POST['description'];
			$url = $_POST['url'];
			$size = intval($_POST['size']);
			$md5sum = $_POST['md5'];
			$stamp = time();
			$this->cms->sql_query("INSERT INTO %prefix%file VALUES('',$cat_id,'$filename','$description','$size','$md5sum','$url',0,$user_id,$stamp)");
		}
		else if($type=='upload')
		{
			
			$_POST = array_htmlentities($_POST);
			$_POST = array_sql_escape($_POST);
			
			$name = $_POST['filename'];
			$cat_id = $_POST['cats'];
			$description = $_POST['description'];
			
			$tmp_file = $_FILES['upfile']['tmp_name'];
			$filename = $_FILES['upfile']['name'];
			
			$auth_ext = explode(',',$this->cms->settings['download_accepted_extension']);
			
			
			$valid = false;
			
			foreach($auth_ext as $key => $ext)
			{
				//$f_ext = substr($f_ext,(strlen($f_ext))-(strlen($ext)),strlen($ext));
				
				$len_ext = strlen($ext);
				$len_filename = strlen($filename);
				
				$f_ext = substr(strtolower($filename),$len_filename-$len_ext,$len_ext);
				
				if($f_ext==$ext)
				{
					$valid = true;
				}
			}
			
			if(!$valid)
			{
				$this->cms->error($this->cms->lang['download_not_authorize_extension']);
			}
			
			if(!is_uploaded_file($tmp_file))
			{
				exit("File isn't uploaded !");
			}
			
			if(file_exists('uploads/'.$filename))
			{
				$dest = 'uploads/'.dechex(rand(1024,16384)).'_'.$filename;
			}
			else
			{
				$dest = 'uploads/'.$filename;
			}
			
			if(!move_uploaded_file($tmp_file,$dest))
			{
				exit("File isn't uploaded !");
			}
			else
			{
				chmod($dest,0777);
			}
			
			if($_POST['md5sum'])
			{
				$md5sum = md5_file($dest);
			}
			else
			{
				$md5sum = "n\a";
			}
			
			$size = filesize($dest);
			$stamp = time();
			
			$this->cms->sql_query("INSERT INTO %prefix%file VALUES('',$cat_id,'$name','$description','$size','$md5sum','$dest',0,$user_id,$stamp)");
		}
		
			$this->cms->renderHeader($this->cms->lang['download_title']);
			$this->cms->renderMenu();
			$this->cms->template->addFrame('',$this->cms->lang['download_download_added']);
		
	}
	
	
	public function catListBox($fieldName = 'cats')
	{
		$dt = $this->cms->sql_query("SELECT * FROM %prefix%file_cats");
		
		$html = '<select name="cats" id="cats">';
		while($data=mysql_fetch_array($dt))
		{
			$html .= '<option value="'.$data['id'].'">'.$data['cat_name'].'</option>';
		}
		$html .= '</select>';
		
		return $html;
	}
	
	public function catListPage()
	{
		require_once("core/tools/filesize.php");
			$this->rankToSee();
			
			$dt = $this->cms->sql_query("SELECT c.id,c.cat_name,c.description,COUNT(f.id) dncount,SUM(f.filesize) t_size FROM %prefix%file_cats c LEFT JOIN %prefix%file f ON(c.id=f.cat_id) GROUP BY c.id");
			
			
			$html = $this->uploadLink();
			
			
			$html .= '<table id="catstable" width="80%" align="center">';
			
			$col = 0;
			$size = new FileSize();
			
			while($data = mysql_fetch_array($dt))
			{
				if($col==0)
				{
					$html .= '<tr>';
				}
				
				$size->setSize($data['t_size']);

				$html .= '<td width="50%"><p id="catstitle"><a href="mod.php?mod=download&t=viewcats&cid='.$data['id'].'">'.$data['cat_name'].'</a></p>
				<p>'.$data['description'].'</p>
				<p>'.$this->cms->lang['download_nb_file'].' : '.$data['dncount'].' <br />
				'.$this->cms->lang['download_filesize'].' : '.$size->getFormattedSize().'
				</p>
				</td>';
				
				$col++;
				if($col==2)
				{
					$html .= '</td>';
					$col = 0;
				}
			}
			
			$html .= '</table>';
			
			
			$this->cms->renderHeader($this->cms->lang['download_title']);
			$this->cms->renderMenu();
			$this->cms->template->addFrame($this->cms->lang['download_title'],$html);
	}
	
	public function catPage()
	{
		$this->rankToSee();
		
		if(isset($_GET['cid']))
		{
			if(is_numeric($_GET['cid']))
			{
				$cat_id = $_GET['cid'];
			}
			else
			{
				$this->cms->error('','index.php');
			}
		}
		else
		{
			$this->cms->error('','index.php');
		}
		
		$dt = $this->cms->sql_query("SELECT * FROM %prefix%file_cats WHERE id=$cat_id");
		
		$data = mysql_fetch_array($dt);
		$cat_name = $data['cat_name'];
		
		$dt = $this->cms->sql_query("SELECT * FROM %prefix%file WHERE cat_id=$cat_id ORDER BY timestamp DESC");
		
		$count = mysql_num_rows($dt);
		
		$html = '<table class="download" width="100%">
		<tr class="rowhead">
		<td>'.$this->cms->lang['download_filename'].'</td>
		<td>'.$this->cms->lang['download_filesize'].'</td>
		<td>-</td>
		<td>'.$this->cms->lang['download_nbofdl'].'</td>
		<td>-</td>
		</tr>
		';
		
		require_once("core/tools/filesize.php");
		
		$size = new FileSize();
		
		$row = "row01";
		while($data = mysql_fetch_array($dt))
		{
			$size->setSize($data['filesize']);
			$html .= '<tr class="'.$row.'">
			<td><a href="mod.php?mod=download&t=fileinfo&did='.$data['id'].'">'.$data['filename'].'</a></td>
			<td>'.$size->getSmallUnitFormattedSize().'</td>
			<td>'.date($this->cms->lang['dateformat'],$data['timestamp']).'</td>
			<td>'.$data['nb_dwl'].'</td>
			<td><a href="mod.php?mod=download&t=fileinfo&did='.$data['id'].'">'.$this->cms->lang['download_now'].'</a></td>
			</tr>';
			
			if($row=="row01")
			{
				$row="row02";
			}
			else
			{
				$row="row01";
			}
		}
		
		$html .= '</table>';
		
		$this->cms->renderHeader($cat_name);
		$this->cms->renderMenu();
		$this->cms->template->addFrame($cat_name,$html);
	}
	
	public function fileInfoPage()
	{
		$this->rankToSee();
		
		if(isset($_GET['did']))
		{
			if(is_numeric($_GET['did']))
			{
				$file_id = $_GET['did'];
			}
			else
			{
				$this->cms->error('','index.php');
			}
		}
		else
		{
			$this->cms->error('','index.php');
		}
		
		$dt = $this->cms->sql_query("SELECT f.id,u.username,c.cat_name,f.filename,f.filesize,f.description,f.md5sum,f.nb_dwl,f.timestamp FROM %prefix%file f JOIN %prefix%file_cats c ON(f.cat_id=c.id) JOIN %prefix%users u ON(f.user_id=u.id) WHERE f.id=$file_id");
	
		if(mysql_num_rows($dt) == 0)
		{
			$this->cms->error('','index.php');
		}
		
		$data = mysql_fetch_array($dt);
		
		require_once("core/tools/filesize.php");
		require_once("core/sticode.php");
		
		$size = new FileSize();
		$size->setSize($data['filesize']);
		
		$html = '<h2>'.$data['filename'].'</h2>
		<h3>'.$data['cat_name'].'</h3>
		<p><strong>'.$this->cms->lang['download_filesize'].'</strong> : '.$size->getFormattedSize().'</p>
		<p><strong>'.$this->cms->lang['download_md5sum'].'</strong> : '.$data['md5sum'].'</p>
		<p><strong>'.$this->cms->lang['download_nbofdl'].'</strong> : '.$data['nb_dwl'].'</p>
		<p><strong>'.$this->cms->lang['download_uploader'].'</strong> : '.$data['username'].'</p>
		<p><strong>'.$this->cms->lang['download_upload_on'].'</strong> : '.date($this->cms->lang['dateformat'],$data['timestamp']).'</p>
		<p><strong>'.$this->cms->lang['download_description'].'</strong></p><p>'.parseStiCode($data['description']).'</p>
		<p><a href="mod.php?mod=download&t=get&did='.$data['id'].'" target="_blank">'.$this->cms->lang['download_now'].'</a></p>
		';
		
		
		$this->cms->renderHeader($data['filename']);
		$this->cms->renderMenu();
		$this->cms->template->addFrame('',$html);
	}
	
	public function getFile()
	{
		$this->rankToSee();
		
		if(isset($_GET['did']))
		{
			if(is_numeric($_GET['did']))
			{
				$file_id = $_GET['did'];
			}
			else
			{
				$this->cms->error('','index.php');
			}
		}
		else
		{
			$this->cms->error('','index.php');
		}
		
		$dt = $this->cms->sql_query("SELECT url,nb_dwl FROM %prefix%file WHERE id=$file_id");
		if(mysql_num_rows($dt) == 0)
		{
			$this->cms->error('','index.php');
		}
		
		$data = mysql_fetch_array($dt);
		
		$nb_dwl = $data['nb_dwl'] + 1;
		
		$this->cms->sql_query("UPDATE %prefix%file SET nb_dwl=$nb_dwl WHERE id=$file_id");
		
		header('location: '.$data['url']);
	}
	
	public function rankToSee()
	{
		if($this->cms->getUserRank()<$this->cms->settings['download_rank_to_see'])
		{
			$this->cms->error($this->cms->lang['right_error']);
		}
	}
	
	public function rankToUpload()
	{
		if($this->cms->getUserRank()<$this->cms->settings['download_rank_to_upload'])
		{
			return false;
		}
		else
		{
			return true;
		}
	}
	
	public function uploaderOnly()
	{
		if(!$this->rankToUpload())
		{
			$this->cms->error('right_error');
		}
	}
	
	public function uploadLink()
	{
		$html = '';
		if($this->rankToUpload())
		{
			$html .= '<p><a href="mod.php?mod=download&t=upload">'.$this->cms->lang['download_upload_file'].'</a></p>';
		}
		
		return $html;
	}
	
	
	public function install()
	{
		$this->cms->sql_query("CREATE TABLE `%prefix%file` (
  		`id` int(25) NOT NULL AUTO_INCREMENT,
 		`cat_id` int(25) NOT NULL,
  		`filename` varchar(64) NOT NULL,
  		`description` text NOT NULL,
  		`filesize` int(255) NOT NULL,
  		`md5sum` varchar(32) NOT NULL,
  		`url` varchar(255) NOT NULL,
  		`nb_dwl` int(255) NOT NULL,
  		`user_id` int(25) NOT NULL,
  		`timestamp` int(25) NOT NULL,
  		PRIMARY KEY (`id`)
		) ENGINE=MyISAM DEFAULT CHARSET=latin1;");
		
		$this->cms->sql_query("CREATE TABLE `%prefix%file_cats` (
  		`id` int(25) NOT NULL AUTO_INCREMENT,
  		`cat_name` varchar(255) NOT NULL,
  		`description` text NOT NULL,
  		PRIMARY KEY (`id`)
		) ENGINE=MyISAM DEFAULT CHARSET=latin1;");
		
		$this->cms->addSetting('download_rank_to_upload',80);
		$this->cms->addSetting('download_rank_to_see',1);
		$this->cms->addSetting('download_max_filesize',(1024*1024)*10); //10 Mb
		$this->cms->addSetting('download_accepted_extension','jpg,png,gif,bmp,exe,zip,rar,tar,bz2,bz,gz,dmg');
		
		$this->cms->addLangEntry('download_download_added','The download has been added !');
		$this->cms->addLangEntry('download_not_authorize_extension','This extension isn\'t authorize for upload');
		$this->cms->addLangEntry('download_filename','Filename');
		$this->cms->addLangEntry('download_categorie','Categorie');
		$this->cms->addLangEntry('download_description','Description');
		$this->cms->addLangEntry('download_file','File');
		$this->cms->addLangEntry('download_do_md5sum','Do md5sum');
		$this->cms->addLangEntry('download_external_download','External Download (URL)');
		$this->cms->addLangEntry('download_url','URL');
		$this->cms->addLangEntry('download_title','Downloads');
		$this->cms->addLangEntry('download_filesize','Filesize');
		$this->cms->addLangEntry('download_md5sum','MD5Sum');
		$this->cms->addLangEntry('download_add','Add');
		$this->cms->addLangEntry('download_nb_file','Number of file(s)');
		$this->cms->addLangEntry('download_filesize','Size');
		$this->cms->addLangEntry('download_upload_file','Upload a file');
		$this->cms->addLangEntry('download_uploader','Uploaded by');
		$this->cms->addLangEntry('download_upload_on','Uploaded On');
		$this->cms->addLangEntry('download_nbofdl','Number of D\\L');
		$this->cms->addLangEntry('download_now','Download Now !');
		$this->cms->addLangEntry('download_edit_categorie','Edit Categorie(s)');
		$this->cms->addLangEntry('download_add_categorie','Add Categorie');
		$this->cms->saveLangFile();
		
		mkdir('uploads',0777);
	}
	
	
}

class AdminModule
{
	private $cms;
	
	public function __construct($cms)
	{
		$this->cms = $cms;
	}
	
	public function catListBox($fieldName = 'cats',$selected = 'none')
	{
		$dt = $this->cms->sql_query("SELECT * FROM %prefix%file_cats");
		
		$html = '<select name="cats" id="cats">';
		while($data=mysql_fetch_array($dt))
		{
			if($selected != 'none' && $selected == $data['cat_name'])
			{
				 $html .= '<option value="'.$data['id'].'" selected="selected">'.$data['cat_name'].'</option>';
			}
			else
			{
				$html .= '<option value="'.$data['id'].'">'.$data['cat_name'].'</option>';
			}
		}
		$html .= '</select>';
		
		return $html;
	}
	
	public function run()
	{
		if(isset($_GET['t']))
		{
			$task = $_GET['t'];
		}
		else
		{
			$task = 'default';
		}
		
		if($task=='default')
		{
			$this->fileListPage();
			
		}
		else if($task=='editcat')
		{
			$this->editCategorie();
		}
		else if($task=='deletecat')
		{
			$this->deleteCategorie();
		}
		else if($task=='savecat')
		{
			$this->saveCategorie();
		}
		else if($task=='addcat')
		{
			$this->addCategorie();
		}
		else if($task=='delete')
		{
			$this->deleteFile();
		}
		else if($task=='edit')
		{
			$this->editFile();
		}
		else if($task=='savefile')
		{
			$this->saveFile();
		}
	}
	
	public function editCategorie()
	{
		
		$html = '<h3>'.$this->cms->lang['download_edit_categorie'].'</h3>';
		
		$dt = $this->cms->sql_query("SELECT c.id,c.cat_name,c.description,COUNT(f.id) nbfile FROM %prefix%file_cats c LEFT JOIN %prefix%file f ON(f.cat_id=c.id) GROUP BY c.id ORDER BY c.id DESC");
		
		while($data = mysql_fetch_array($dt))
		{
			$html .= '<form method="post" action="admin.php?mod=download&t=savecat">
		<fieldset>
		<p><label for="cat_name">'.$this->cms->lang['download_categorie'].' : </label><input type="text" name="cat_name" id="cat_name" value="'.$data['cat_name'].'" tabindex="10" /></p>
		<p>'.$this->cms->lang['download_nb_file'].' : '.$data['nbfile'].'</p>
		<p>'.$this->cms->lang['download_description'].' <br /><textarea name="description" cols="45" rows="5">'.$data['description'].'</textarea></p>
		<p><input type="submit" value="'.$this->cms->lang['save'].'"/> | <a href="admin.php?mod=download&t=deletecat&cid='.$data['id'].'">'.$this->cms->lang['delete'].'</a></p>
		<input type="hidden" name="cid" value="'.$data['id'].'"/>
		</fieldset>
		</form>';
		}
		
		$html .= '<form method="post" action="admin.php?mod=download&t=addcat">
		<fieldset>
		<legend>'.$this->cms->lang['download_add_categorie'].'</legend>
		<p><label for="cat_name">'.$this->cms->lang['download_categorie'].' : </label><input type="text" name="cat_name" id="cat_name" tabindex="10" /></p>
		<p>'.$this->cms->lang['download_description'].' <br /><textarea name="description" cols="45" rows="5"></textarea></p>
		<p><input type="submit" value="'.$this->cms->lang['save'].'"/></p>
		</fieldset>
		</form>';
		
		$this->cms->renderHeader($this->cms->lang['admin'].' Download');
		$this->cms->renderMenu();
		$this->cms->template->addFrame($this->cms->lang['download_categorie'],$html);
		
	}
	
	public function addCategorie()
	{
		
		$cat_name = mysql_real_escape_string($_POST['cat_name']);
		$cat_name = htmlentities($cat_name,ENT_NOQUOTES,'UTF-8');
		
		$cat_desc = mysql_real_escape_string($_POST['description']);
		$cat_desc = htmlentities($cat_desc,ENT_NOQUOTES,'UTF-8');
		
		$this->cms->sql_query("INSERT INTO %prefix%file_cats VALUES('','$cat_name','$cat_desc')");
		
		header('location: admin.php?mod=download&t=editcat');
	}
	
	public function saveCategorie()
	{
		$cat_id = $this->getUrlInt($_POST['cid']);
		
		$cat_name = mysql_real_escape_string($_POST['cat_name']);
		$cat_name = htmlentities($cat_name,ENT_NOQUOTES,'UTF-8');
		
		$cat_desc = mysql_real_escape_string($_POST['description']);
		$cat_desc = htmlentities($cat_desc,ENT_NOQUOTES,'UTF-8');
		
		$this->cms->sql_query("UPDATE %prefix%file_cats SET cat_name='$cat_name',description='$cat_desc' WHERE id=$cat_id");
		header('location: admin.php?mod=download&t=editcat');
	}
	
	public function deleteCategorie()
	{
		$cat_id = $this->getUrlInt($_GET['cid']);
		
		$this->cms->sql_query("DELETE FROM %prefix%file_cats WHERE id=$cat_id");
		
		header('location: admin.php?mod=download&t=editcat');
	}
	
	public function fileListPage()
	{
		$dt = $this->cms->sql_query("SELECT f.id,f.filename,f.filesize,f.nb_dwl,f.timestamp,c.cat_name,u.username FROM %prefix%file f JOIN %prefix%file_cats c ON(c.id=f.cat_id) JOIN %prefix%users u ON(u.id=f.user_id) ORDER BY f.timestamp DESC");
		$count = mysql_num_rows($dt);
		
		$html = '
		<h3>Download Module Administration</h3>
		<p><a href="admin.php?mod=download&t=editcat">'.$this->cms->lang['download_edit_categorie'].'</a></p>
		<table class="download" width="100%">
		<tr class="rowhead">
		<td>'.$this->cms->lang['download_filename'].'</td>
		<td>'.$this->cms->lang['download_filesize'].'</td>
		<td>'.$this->cms->lang['download_categorie'].'</td>
		<td>-</td>
		<td>'.$this->cms->lang['download_nbofdl'].'</td>
		<td>'.$this->cms->lang['download_uploader'].'</td>
		<td>-</td>
		</tr>
		';
		
		require_once("core/tools/filesize.php");
		
		$size = new FileSize();
		
		$row = "row01";
		while($data = mysql_fetch_array($dt))
		{
			$size->setSize($data['filesize']);
			$html .= '<tr class="'.$row.'">
			<td>'.$data['filename'].'</td>
			<td>'.$size->getSmallUnitFormattedSize().'</td>
			<td>'.$data['cat_name'].'</td>
			<td>'.date($this->cms->lang['dateformat'],$data['timestamp']).'</td>
			<td>'.$data['nb_dwl'].'</td>
			<td>'.$data['username'].'</td>
			<td><a href="admin.php?mod=download&t=edit&did='.$data['id'].'">'.$this->cms->lang['edit'].'</a>
			| <a href="admin.php?mod=download&t=delete&did='.$data['id'].'">'.$this->cms->lang['delete'].'</a>
			</td>
			</tr>';
			
			if($row=="row01")
			{
				$row="row02";
			}
			else
			{
				$row="row01";
			}
		}
		
		$html .= '</table>';
		
		$this->cms->renderHeader($this->cms->lang['admin'].' Download');
		$this->cms->renderMenu();
		$this->cms->template->addFrame('Download Module',$html);
	}
	
	public function editFile()
	{
		$this->cms->loadStiCodeScript();
		require_once("core/sticode.php");
		$file_id = $this->getUrlInt($_GET['did']);
		$dt = $this->cms->sql_query("SELECT f.id,f.filename,f.description,f.url,f.filesize,f.md5sum,c.cat_name FROM %prefix%file f JOIN %prefix%file_cats c ON(c.id=f.cat_id) WHERE f.id=$file_id");
		$data = mysql_fetch_array($dt);
		
		$html = '<form action="admin.php?mod=download&t=savefile" method="post" name="upload" id="upload">
		<fieldset>
		<legend>'.$data['filename'].'</legend>
  		<p>
    	<label for="filename">'.$this->cms->lang['download_filename'].' : </label>
    	<input type="text" name="filename" value="'.$data['filename'].'" id="filename" tabindex="10" />
  		</p>
 		 <p>
    <label for="cats">'.$this->cms->lang['download_categorie'].' : </label>
	'.$this->catListBox('cats',$data['cat_name']).'
  </p>
  '.StiCodeHTMLFormBar('description').'
  <p>
    <label for="description">'.$this->cms->lang['download_description'].' : </label><br />
    <textarea name="description" id="description" cols="40" rows="5" tabindex="20">'.$data['description'].'</textarea>
  </p>
  <p>

    <p>
      <label for="url">'.$this->cms->lang['download_url'].' : </label>
      <input type="text" name="url" id="url" value="'.$data['url'].'" tabindex="20" />
    </p>
    <p>
      <label for="size">'.$this->cms->lang['download_filesize'].' : </label>
      <input type="text" name="size" id="size" value="'.$data['filesize'].'" tabindex="30" />
    </p>
    <p>
      <label for="md5">'.$this->cms->lang['download_md5sum'].' : </label>
      <input type="text" name="md5" id="md5" value="'.$data['md5sum'].'" tabindex="40" />
    </p>
    	<input type="hidden" name="did" value="'.$data['id'].'" />
  		<input name="save" type="submit" value="'.$this->cms->lang['save'].'" />
  	</fieldset>
		</form>';
		
		$this->cms->renderHeader($this->cms->lang['admin'].' Download');
		$this->cms->renderMenu();
		$this->cms->template->addFrame($data['filename'],$html);
	}
	
	public function saveFile()
	{
		$file_id = $this->getUrlInt($_POST['did']);
		
		require_once("core/tools/string.php");
		
		$_POST = array_sql_escape($_POST);
		$_POST = array_htmlentities($_POST);
		
		$filename = $_POST['filename'];
		$cat_id = intval($_POST['cats']);
		$description = $_POST['description'];
		$filesize = intval($_POST['size']);
		$url = $_POST['url'];
		$md5 = $_POST['md5'];
		
		$this->cms->sql_query("UPDATE %prefix%file SET filename='$filename',cat_id=$cat_id,filesize=$filesize,description='$description',url='$url',md5sum='$md5' WHERE id=$file_id");
		
		header('location: admin.php?mod=download&t=edit&did='.$file_id);
		
	}
	
	public function deleteFile()
	{
		$file_id = $this->getUrlInt($_GET['did']);
		
		$dt = $this->cms->sql_query("SELECT url FROM %prefix%file WHERE id=$file_id");
		$data = mysql_fetch_array($dt);
		$url = $data['url'];
		
		/*
		if(!ereg('http://',$url))
		{
			delete($url);
		}
		*/
		
		
		$this->cms->sql_query("DELETE FROM %prefix%file WHERE id=$file_id");
		
		header('location: admin.php?mod=download');
		
	}
	
	public function getUrlInt($var)
	{
		if(isset($var))
		{
			if(!is_numeric($var))
			{
				$this->cms->error('','index.php');
			}
			else
			{
				return $var;	
			}
		}
		else
		{
			$this->cms->error('','index.php');
		}
	}
}


?>